Security professionals report skilled cybersecurity staff harder to find, says Tripwire study
Tripwire, Inc., a global provider of security and compliance solutions for enterprises and industrial organisations, announced the results of a study conducted in July by Dimensional Research that examined how organisations are addressing the cybersecurity skills gap.
According to Tripwire’s study, 93% of security professionals are concerned about the cybersecurity skills gap, and 72% believe it is more difficult to hire skilled security staff to defend against today’s complex cyberattacks compared to two years ago. Significantly, 81% believe that the skills required to be a great security professional have changed in the past few years.
20% of respondents said their organisations had hired people with expertise not specific to security over the past two years, and another 17% stated they plan to do the same in the next two years. Additionally, Tripwire’s study found that 50% plan to invest more heavily in training their existing staff to help with the looming skills shortage.
“It’s evident that security teams are evolving and maturing with the rest of the cybersecurity industry, but the pool of skilled staff and training simply aren’t keeping up,” said Tim Erlin, vice president of product management and strategy at Tripwire.”
“For example, beyond their technical duties, security practitioners may now be expected to spend more time in boardrooms or in the CFO’s office to secure more budget. While the makeup of the cybersecurity workforce may be changing, the fundamentals of protecting an organisation have not. It will be critical during this transition to ensure there’s a long-term strategy in place around maintaining their foundational security controls.”
Tripwire’s study also looked at how organisations expect to tackle the skills gap in the future and found the following:
-
91% plan to supplement their team by outsourcing for skills.
-
88% believe managed services would add value to solving the skills gap problem.
-
98% expect other functions like non-security teams to be more involved in cybersecurity moving forward.
-
96% believe that automation will play a role in solving the skills gap in the future.
Erlin added: “The skills gap doesn’t have to be an operational gap. Security teams shouldn’t overburden themselves by trying to do everything on their own. They can partner with trusted vendors for managed services or subscribe to service plans where outside experts can act as an extension of the team.”
“Organisations should also understand that security is a shared responsibility across different functions, so people from other parts of the business should be involved in the cybersecurity program. And, of course, automation can add value not only in reducing manual work, but also in ensuring that everything is up-to-date and working as it should in real time. Security teams may just need to work more creatively.”
For more information on Tripwire’s study, click here
Comment on this article below or via Twitter @IoTGN